Skip to content

Commit

Permalink
Merge pull request #556 from jetstack/step1-makefile-modules
Browse files Browse the repository at this point in the history 
🔥 Migrating to Makefile Modules ALL AT ONCE 🔥
  • Loading branch information
@maelvls
maelvls authored Sep 30, 2024
2 parents bd67a58 + 458cab4 commit 8d559ad
Show file tree
Hide file tree
Showing 76 changed files with 5,315 additions and 676 deletions.
32 changes: 32 additions & 0 deletions .github/actions/repo_access/action.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
name: 'Setup repo access'
description: 'Setups authenticate to GitHub repos'
inputs:
DEPLOY_KEY_READ_VENAFI_CONNECTION_LIB:
required: true
description: "DEPLOY_KEY_READ_VENAFI_CONNECTION_LIB secret"
outputs: {}
runs:
using: "composite"
steps:
- name: Configure jetstack/venafi-connection-lib repo pull access
shell: bash
run: |
mkdir ~/.ssh
chmod 700 ~/.ssh
echo "${{ inputs.DEPLOY_KEY_READ_VENAFI_CONNECTION_LIB }}" > ~/.ssh/venafi_connection_lib_id
chmod 600 ~/.ssh/venafi_connection_lib_id
cat <<EOT >> ~/.ssh/config
Host venafi-connection-lib.github.com
HostName github.com
IdentityFile ~/.ssh/venafi_connection_lib_id
IdentitiesOnly yes
EOT
cat <<EOT >> ~/.gitconfig
[url "[email protected]:jetstack/venafi-connection-lib"]
insteadOf = https://github.com/jetstack/venafi-connection-lib
EOT
echo "GOPRIVATE=github.com/jetstack/venafi-connection-lib" >> $GITHUB_ENV
11 changes: 4 additions & 7 deletions .github/dependabot.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,7 @@
# THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT.
# Edit https://github.com/cert-manager/makefile-modules/blob/main/modules/repository-base/base/.github/dependabot.yaml instead.

# Update Go dependencies and GitHub Actions dependencies daily.
version: 2
updates:
- package-ecosystem: gomod
Expand All @@ -14,10 +18,3 @@ updates:
groups:
all:
patterns: ["*"]
- package-ecosystem: docker
directory: /
schedule:
interval: daily
groups:
all:
patterns: ["*"]
23 changes: 0 additions & 23 deletions .github/workflows/chart-test.yaml
View file

This file was deleted.

31 changes: 31 additions & 0 deletions .github/workflows/govulncheck.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
# THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT.
# Edit https://github.com/cert-manager/makefile-modules/blob/main/modules/go/base/.github/workflows/govulncheck.yaml instead.

# Run govulncheck at midnight every night on the main branch,
# to alert us to recent vulnerabilities which affect the Go code in this
# project.
name: govulncheck
on:
workflow_dispatch: {}
schedule:
- cron: '0 0 * * *'

permissions:
contents: read

jobs:
govulncheck:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- id: go-version
run: |
make print-go-version >> "$GITHUB_OUTPUT"
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ steps.go-version.outputs.result }}

- run: make verify-govulncheck
101 changes: 101 additions & 0 deletions .github/workflows/make-self-upgrade.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,101 @@
# THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT.
# Edit https://github.com/cert-manager/makefile-modules/blob/main/modules/repository-base/base/.github/workflows/make-self-upgrade.yaml instead.

name: make-self-upgrade
concurrency: make-self-upgrade
on:
workflow_dispatch: {}
schedule:
- cron: '0 0 * * *'

permissions:
contents: read

jobs:
self_upgrade:
runs-on: ubuntu-latest

if: github.repository_owner == 'cert-manager'

permissions:
contents: write
pull-requests: write

env:
SOURCE_BRANCH: "${{ github.ref_name }}"
SELF_UPGRADE_BRANCH: "self-upgrade-${{ github.ref_name }}"

steps:
- name: Fail if branch is not head of branch.
if: ${{ !startsWith(github.ref, 'refs/heads/') && env.SOURCE_BRANCH != '' && env.SELF_UPGRADE_BRANCH != '' }}
run: |
echo "This workflow should not be run on a non-branch-head."
exit 1
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- id: go-version
run: |
make print-go-version >> "$GITHUB_OUTPUT"
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ steps.go-version.outputs.result }}

- run: |
git checkout -B "$SELF_UPGRADE_BRANCH"
- run: |
make -j upgrade-klone
make -j generate
- id: is-up-to-date
shell: bash
run: |
git_status=$(git status -s)
is_up_to_date="true"
if [ -n "$git_status" ]; then
is_up_to_date="false"
echo "The following changes will be committed:"
echo "$git_status"
fi
echo "result=$is_up_to_date" >> "$GITHUB_OUTPUT"
- if: ${{ steps.is-up-to-date.outputs.result != 'true' }}
run: |
git config --global user.name "cert-manager-bot"
git config --global user.email "[email protected]"
git add -A && git commit -m "BOT: run 'make upgrade-klone' and 'make generate'" --signoff
git push -f origin "$SELF_UPGRADE_BRANCH"
- if: ${{ steps.is-up-to-date.outputs.result != 'true' }}
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
with:
script: |
const { repo, owner } = context.repo;
const pulls = await github.rest.pulls.list({
owner: owner,
repo: repo,
head: owner + ':' + process.env.SELF_UPGRADE_BRANCH,
base: process.env.SOURCE_BRANCH,
state: 'open',
});
if (pulls.data.length < 1) {
const result = await github.rest.pulls.create({
title: '[CI] Merge ' + process.env.SELF_UPGRADE_BRANCH + ' into ' + process.env.SOURCE_BRANCH,
owner: owner,
repo: repo,
head: process.env.SELF_UPGRADE_BRANCH,
base: process.env.SOURCE_BRANCH,
body: [
'This PR is auto-generated to bump the Makefile modules.',
].join('\n'),
});
await github.rest.issues.addLabels({
owner,
repo,
issue_number: result.data.number,
labels: ['skip-review']
});
}
138 changes: 0 additions & 138 deletions .github/workflows/release-master.yml
View file

This file was deleted.

Loading

0 comments on commit 8d559ad

Please sign in to comment.